[ https://issues.apache.org/jira/browse/DERBY-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12536870
]
Francois Orsini commented on DERBY-1823:
----------------------------------------
Great changes Kim. I tested all the samples and they worked great.
The only minor nit based on the write-ups is that you don't need the Derby jars to compile
the samples. They are just required to run them. There's also a little step issue with the
network client samples when it comes to shutting down the server at the end, which you should
not have to do - if you do then we should tell the user to restart the server before running
the samples.
So I would change: (for embedded)
"Before you compile and run AuthExampleEmbedded.java, make sure that %DERBY_HOME%\lib\derby.jar
(or $DERBY_HOME/lib/derby.jar) is in your classpath."
into -->
"Compile AuthExampleEmbedded.java
Before you run this program, make sure that %DERBY_HOME%\lib\derby.jar (or $DERBY_HOME/lib/derby.jar)
is in your classpath."
and (for client-server)
"Before you compile these programs, make sure that %DERBY_HOME%\lib\derbyclient.jar (or $DERBY_HOME/lib/derbyclient.jar)
is in your classpath.
Before you run these programs, start Derby as described in "Activity 4: Create and run a JDBC
program using the client driver and Network Server" in Getting Started with Derby. After you
run the programs, stop Derby as described in the same topic."
into -->
"Compile AuthExampleClient1.java and AuthExampleClient2.java"
Before you run these programs, make sure that %DERBY_HOME%\lib\derbyclient.jar (or $DERBY_HOME/lib/derbyclient.jar)
is in your classpath,
then start Derby server as described in "Activity 4, step 2: Create and run a JDBC program
using the client driver and Network Server" in Getting Started with Derby guide."
Another comment which is probably best treating in a separate JIRA is that we should probably
document the fact that users can now use GRANT/REVOKE instead of Derby's non-standard built-in
authorization implementation, but I would do this in a separate JIRA and at least point them
to the Grant/Revoke documentation / samples.
See derby.database.sqlAuthorization property which was added as part of DERBY-464.
We could add something along these lines:
"For more information about user authorization, see "User authorizations" in the Derby Developer's
Guide"
http://db.apache.org/derby/docs/dev/devguide/devguide-single.html#cdevcsecure36595
> Derby Developer's Guide - Issues w/ User authentication and authorization extended examples
section/paragraph
> --------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-1823
> URL: https://issues.apache.org/jira/browse/DERBY-1823
> Project: Derby
> Issue Type: Bug
> Components: Documentation
> Affects Versions: 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0, 10.3.1.4
> Reporter: Francois Orsini
> Assignee: Kim Haase
> Priority: Minor
> Attachments: DERBY-1823-2.diff, DERBY-1823.diff, DERBY-1823.zip
>
>
> There is a couple of issues with the paragraph/section "User authentication and authorization
extended examples" in the developer's guide
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure26537.html
> 1) The methods turnOnBuiltInUsers() & turnOffBuiltInUsers() do NOT shutdown and reboot
the database for which the 'derby.connection.requireAuthentication' authentication database
property is being set - as this last one is a derby static property, it will not be taken
into account until the database is rebooted (or the whole derby engine instance). Hence, the
2 checks for "Confirming requireAuthentication" is misleading as the property value is changed
_but_ the actual database authentication enabling/disabling has not changed since it was last
booted. Database needs to be shutdown and rebooted after 'derby.connection.requireAuthentication'
is set and then some negative testing of invalid user connection needs to be added to show
that only valid users can connect (in the case, authentication is being enabled).
> 2) Paragraph (extended examples section) also needs to be moved at the same level as
the 2 above such as:
> "User authentication example in a single-user, embedded environment"
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure125.html
> "User authentication example in a client/server environment"
> http://db.apache.org/derby/docs/10.2/devguide/rdevcsecure13713.html
> since the extended examples (once fixed - see 1)) can be applied in both a client-server
and embedded environments context.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.